From b1d102497d0294657e963bd2ec675124df507ddf Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 30 Nov 2023 23:36:29 +0000 Subject: [PATCH] Update Helm release postgresql to v13 Signed-off-by: Renovate Bot --- class/defaults.yml | 2 +- .../templates/primary/networkpolicy.yaml | 3 +- .../templates/primary/statefulset.yaml | 35 ++++++++++++++----- .../templates/primary/svc-headless.yaml | 6 ++-- .../postgresql/templates/primary/svc.yaml | 3 +- .../templates/primary/networkpolicy.yaml | 3 +- .../templates/primary/statefulset.yaml | 26 +++++++++----- .../templates/primary/svc-headless.yaml | 6 ++-- .../postgresql/templates/primary/svc.yaml | 3 +- 9 files changed, 60 insertions(+), 27 deletions(-) diff --git a/class/defaults.yml b/class/defaults.yml index 82d0d357..fbc7605b 100644 --- a/class/defaults.yml +++ b/class/defaults.yml @@ -62,7 +62,7 @@ parameters: version: v2.3.0 postgresql: source: https://charts.bitnami.com/bitnami - version: v12.5.6 + version: 13.2.23 # FQDN should be overwritten on the cluster level fqdn: keycloak.example.com # Disables dynamically resolving the hostname from request headers. diff --git a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml index 42bab512..0f07eb67 100644 --- a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml +++ b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql-ingress namespace: syn-builtin spec: diff --git a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml index 86ca17c2..bcbbeb55 100644 --- a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml +++ b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml @@ -2,11 +2,12 @@ apiVersion: apps/v1 kind: StatefulSet metadata: labels: - app.kubernetes.io/component: keycloak + app.kubernetes.io/component: primary app.kubernetes.io/instance: builtin app.kubernetes.io/managed-by: commodore app.kubernetes.io/name: keycloak - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql namespace: syn-builtin spec: @@ -28,7 +29,8 @@ spec: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql spec: affinity: @@ -56,17 +58,17 @@ spec: value: /bitnami/postgresql/data - name: POSTGRES_USER value: keycloak - - name: POSTGRES_POSTGRES_PASSWORD + - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - key: postgres-password + key: password name: keycloak-postgresql - - name: POSTGRES_PASSWORD + - name: POSTGRES_POSTGRES_PASSWORD valueFrom: secretKeyRef: - key: password + key: postgres-password name: keycloak-postgresql - - name: POSTGRES_DB + - name: POSTGRES_DATABASE value: keycloak - name: POSTGRESQL_ENABLE_LDAP value: 'no' @@ -128,7 +130,16 @@ spec: cpu: 250m memory: 256Mi securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: false + runAsNonRoot: true runAsUser: 1001 + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /opt/bitnami/postgresql/certs name: postgresql-certificates @@ -160,7 +171,11 @@ spec: limits: {} requests: {} securityContext: + runAsGroup: 0 + runAsNonRoot: false runAsUser: 0 + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /bitnami/postgresql name: data @@ -186,7 +201,9 @@ spec: rollingUpdate: {} type: RollingUpdate volumeClaimTemplates: - - metadata: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: name: data spec: accessModes: diff --git a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml index bb13dd96..c56b8f77 100644 --- a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml +++ b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml @@ -1,13 +1,15 @@ apiVersion: v1 kind: Service metadata: + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 - service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql-hl namespace: syn-builtin spec: diff --git a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml index f4543e5e..6c58fcc5 100644 --- a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml +++ b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql namespace: syn-builtin spec: diff --git a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml index bc583379..26445d44 100644 --- a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml +++ b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql-ingress namespace: syn-openshift-postgres spec: diff --git a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml index 37bd55e9..7d1c98ca 100644 --- a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml +++ b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml @@ -2,11 +2,12 @@ apiVersion: apps/v1 kind: StatefulSet metadata: labels: - app.kubernetes.io/component: keycloak + app.kubernetes.io/component: primary app.kubernetes.io/instance: openshift-postgres app.kubernetes.io/managed-by: commodore app.kubernetes.io/name: keycloak - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql namespace: syn-openshift-postgres spec: @@ -28,7 +29,8 @@ spec: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql spec: affinity: @@ -56,17 +58,17 @@ spec: value: /bitnami/postgresql/data - name: POSTGRES_USER value: keycloak - - name: POSTGRES_POSTGRES_PASSWORD + - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - key: postgres-password + key: password name: keycloak-postgresql - - name: POSTGRES_PASSWORD + - name: POSTGRES_POSTGRES_PASSWORD valueFrom: secretKeyRef: - key: password + key: postgres-password name: keycloak-postgresql - - name: POSTGRES_DB + - name: POSTGRES_DATABASE value: keycloak - name: POSTGRESQL_ENABLE_LDAP value: 'no' @@ -132,6 +134,8 @@ spec: capabilities: drop: - ALL + privileged: false + readOnlyRootFilesystem: false runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -163,6 +167,8 @@ spec: capabilities: drop: - ALL + privileged: false + readOnlyRootFilesystem: false runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -185,7 +191,9 @@ spec: rollingUpdate: {} type: RollingUpdate volumeClaimTemplates: - - metadata: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: name: data spec: accessModes: diff --git a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml index 97566948..53a39c1b 100644 --- a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml +++ b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml @@ -1,13 +1,15 @@ apiVersion: v1 kind: Service metadata: + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 - service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql-hl namespace: syn-openshift-postgres spec: diff --git a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml index d81678b5..9a6d8c7c 100644 --- a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml +++ b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.1.0 + helm.sh/chart: postgresql-13.2.23 name: keycloak-postgresql namespace: syn-openshift-postgres spec: